
0001 <?php
0002 
0003 /**
0004  *  ocs-webserver
0005  *
0006  *  Copyright 2016 by pling GmbH.
0007  *
0008  *    This file is part of ocs-webserver.
0009  *
0010  *    This program is free software: you can redistribute it and/or modify
0011  *    it under the terms of the GNU Affero General Public License as
0012  *    published by the Free Software Foundation, either version 3 of the
0013  *    License, or (at your option) any later version.
0014  *
0015  *    This program is distributed in the hope that it will be useful,
0016  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
0017  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0018  *    GNU Affero General Public License for more details.
0019  *
0020  *    You should have received a copy of the GNU Affero General Public License
0021  *    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0022  *
0023  *    Created: 22.11.2016
0024  **/
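/**
 * GitHub OAuth login adapter.
 *
 * Flow implemented by this class:
 *  1. authStart() / authStartWithToken() build the GitHub authorize URL with a state token.
 *  2. authFinish() checks the returned state against the application cache and exchanges the
 *     authorization code for an access token.
 *  3. authenticate() maps the GitHub primary mail address onto an existing member,
 *     registerLocal() creates a new member from the GitHub profile.
 *
 * Security notes for maintainers:
 *  - The state token is kept only in the shared cache for 120 seconds (see saveStateData()). Within this
 *    class it is neither bound to the visitor's session ($this->session is created but never read) nor
 *    removed after use, so a callback URL stays replayable until the cache entry expires.
 *  - Client secret, authorization code, access token and generated passwords are kept out of the log;
 *    use redactForLog() before dumping any provider response or member record.
 *  - A local account is matched by mail address only, so authenticate() insists on GitHub's "verified" flag.
 */
class Default_Model_OAuth_Github implements Default_Model_OAuth_Interface
{

    const PREFIX_SEPARATOR = '_';

    const URI_AUTH = "https://github.com/login/oauth/authorize";
    const URI_ACCESS = 'https://github.com/login/oauth/access_token';
    const URI_USER = 'https://api.github.com/user';
    const URI_EMAIL = 'https://api.github.com/user/emails';
    const URI_CREATE_AUTH = 'https://api.github.com/authorizations/clients';

    /** @var Zend_Db_Adapter_Abstract $_db */
    protected $_db;
    /** @var null|string $_tableName */
    protected $_tableName;
    /** @var Zend_Config $config expects client_id, client_secret and client_callback */
    protected $config;
    /** @var Zend_Session_Namespace $session */
    protected $session;
    /** @var  array member row of the authenticated user, set by authenticateUserEmail() */
    protected $memberData;
    /** @var  string */
    protected $access_token;
    /** @var  boolean */
    protected $connected;
    /** @var  string */
    protected $redirect;

    /**
     * Falls back to the default table adapter when no adapter is passed in.
     *
     * @param Zend_Db_Adapter_Abstract|null $dbAdapter
     * @param string|null                   $tableName
     * @param Zend_Config                   $config
     *
     * @throws Zend_Exception when neither a database adapter nor a config is available
     */
    public function __construct(Zend_Db_Adapter_Abstract $dbAdapter = null, $tableName = null, Zend_Config $config)
    {
        $this->_db = $dbAdapter;
        if (empty($this->_db)) {
            $this->_db = Zend_Db_Table_Abstract::getDefaultAdapter();
            if (empty($this->_db)) {
                throw new Zend_Exception('No database adapter present');
            }
        }

        $this->_tableName = $tableName;

        $this->config = $config;
        if (empty($this->config)) {
            throw new Zend_Exception('No config present');
        }

        $this->session = new Zend_Session_Namespace('GITHUB_AUTH');
    }

    /**
     * Creates a fresh state token, remembers the post-login redirect under it and sends the
     * browser to GitHub's authorize endpoint.
     *
     * @param null|string $redirectUrlAfterSuccess
     *
     * @throws Zend_Exception
     */
    public function authStart($redirectUrlAfterSuccess = null)
    {
        $state_token = $this->generateToken('auth');
        $this->saveStateData($state_token, $redirectUrlAfterSuccess);

        $requestUrl = $this->buildAuthorizeUrl($state_token);

        Zend_Registry::get('logger')->debug(__METHOD__ . ' - redirectUrl: ' . $requestUrl);

        /** @var Zend_Controller_Action_Helper_Redirector $redirection */
        $redirection = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
        $redirection->gotoUrl($requestUrl);
    }

    /**
     * Builds the authorize URL with every query value URL-encoded.
     *
     * The state value can originate outside this class (authStartWithToken()), so it must not be
     * concatenated raw: an unencoded "&" would let it add or override query parameters.
     *
     * NOTE(review): scope "user" also grants write access to the profile. The two API calls made by this
     * class only read the profile and the mail addresses; "read:user user:email" would be the narrower
     * request - confirm nothing else relies on the stored token before reducing it.
     *
     * @param string $state
     *
     * @return string
     */
    private function buildAuthorizeUrl($state)
    {
        $query = http_build_query(array(
            'client_id'    => (string)$this->config->client_id,
            'redirect_uri' => (string)$this->config->client_callback,
            'scope'        => 'user',
            'state'        => (string)$state
        ), '', '&');

        return self::URI_AUTH . '?' . $query;
    }

    /**
     * @param string $prefix_state optional prefix, joined with PREFIX_SEPARATOR
     *
     * @return string
     */
    private function generateToken($prefix_state)
    {
        $prefix = '';
        if (false == empty($prefix_state)) {
            $prefix = $prefix_state . self::PREFIX_SEPARATOR;
        }

        // NOTE(review): the unpredictability of the state token rests entirely on
        // Local_Tools_UUID::generateUUID(); confirm it draws from a CSPRNG.
        return $prefix . Local_Tools_UUID::generateUUID();
    }

    /**
     * Stores the redirect target under the state token for 120 seconds.
     *
     * @param string      $token
     * @param null|string $redirect
     *
     * @return bool
     * @throws Zend_Cache_Exception
     * @throws Zend_Exception
     */
    private function saveStateData($token, $redirect = null)
    {
        /** @var Zend_Cache_Core $cache */
        $cache = Zend_Registry::get('cache');

        return $cache->save(array('redirect' => $redirect), $token, array('auth', 'github'), 120);
    }

    /**
     * Handles the OAuth callback: validates the state and exchanges the code for an access token.
     *
     * @param array $http_params request parameters of the callback (error, code, state)
     *
     * @return null|string|false access token, null when the provider returned none, false on an unknown state
     * @throws Zend_Exception when the provider reported an error
     */
    public function authFinish($http_params)
    {
        $error = (array_key_exists('error', $http_params)) ? $http_params['error'] : null;
        if ($error) {
            // $error is request input; whoever renders this exception message has to escape it.
            throw new Zend_Exception('Authentication failed. OAuth provider returned an error: ' . $error);
        }

        $request_code = (array_key_exists('code', $http_params)) ? $http_params['code'] : null;
        $session_state_token = (array_key_exists('state', $http_params)) ? $http_params['state'] : null;

        // The state check has to precede the token exchange: it is the only CSRF defence of the callback.
        if ($this->isValidStateCode($session_state_token) === false) {
            $this->connected = false;

            return false;
        }

        $this->access_token = $this->requestAccessToken($request_code, $session_state_token);

        if (isset($this->access_token)) {
            $this->connected = true;
        }

        $this->redirect = $this->getRedirectFromState($session_state_token);

        // NOTE(review): the state entry is not invalidated here (clearStateToken() exists but the call was
        // disabled), so the same state is accepted again until the cache entry expires. Re-enable
        // $this->clearStateToken($session_state_token) once it is confirmed that no later step reloads it.

        return $this->access_token;
    }

    /**
     * Checks that the state returned by the provider is known to the cache.
     *
     * @param mixed $session_state
     *
     * @return bool
     * @throws Zend_Exception
     */
    protected function isValidStateCode($session_state)
    {
        // Request input: "state[]=x" arrives as an array, which the cache would reject with an exception.
        if (empty($session_state) || false === is_string($session_state)) {
            return false;
        }

        /** @var Zend_Cache_Backend_Apc $cache */
        $cache = Zend_Registry::get('cache');
        if (false == $cache->test($session_state)) {
            Zend_Registry::get('logger')->err(__METHOD__
                . ' - Authentication failed. OAuth provider send a token that does not match.')
            ;

            return false;
        }

        return true;
    }

    /**
     * @param string $code
     * @param string $state_token
     *
     * @return null|string null when the response carries no access_token (e.g. an error inside a 200 body)
     * @throws Zend_Exception
     */
    protected function requestAccessToken($code, $state_token)
    {
        $response = $this->requestHttpAccessToken($code, $state_token);
        $data = $this->parseResponse($response);

        if ($response->getStatus() != 200) {
            $error = (is_array($data) && isset($data['error'])) ? $data['error'] : 'unknown';
            $description = (is_array($data) && isset($data['error_description'])) ? $data['error_description'] : '';
            throw new Zend_Exception('Authentication failed. OAuth provider send error message: ' . $error . ' : '
                . $description);
        }

        // The response body carries the access token; log it only in redacted form.
        Zend_Registry::get('logger')->debug(__METHOD__ . ' - response for post request' . PHP_EOL
            . print_r($this->redactForLog($data), true));

        return (is_array($data) && array_key_exists('access_token', $data)) ? $data['access_token'] : null;
    }

    /**
     * Posts the authorization code together with the client credentials to the token endpoint.
     *
     * @param string $request_code
     * @param string $state_token
     *
     * @return Zend_Http_Response
     * @throws Zend_Exception
     * @throws Zend_Http_Client_Exception
     */
    protected function requestHttpAccessToken($request_code, $state_token)
    {
        $httpClient = new Zend_Http_Client(self::URI_ACCESS);
        $httpClient->setMethod(Zend_Http_Client::POST);
        $httpClient->setHeaders('Accept', 'application/json');
        $httpClient->setParameterPost(array(
            'client_id'     => $this->config->client_id,
            'client_secret' => $this->config->client_secret,
            'code'          => $request_code,
            'redirect_uri'  => $this->config->client_callback,
            'state'         => $state_token
        ));

        $response = $httpClient->request();

        // The raw request contains client_secret and the authorization code, so only the target is logged.
        $logger = Zend_Registry::get('logger');
        $logger->debug(__METHOD__ . ' - request : POST ' . self::URI_ACCESS);
        $logger->debug(__METHOD__ . ' - response : ' . PHP_EOL . $response->getHeadersAsString());

        return $response;
    }

    /**
     * Decodes a JSON response body.
     *
     * @param Zend_Http_Response $response
     *
     * @return mixed
     * @throws Zend_Json_Exception
     */
    protected function parseResponse(Zend_Http_Response $response)
    {
        return Zend_Json::decode($response->getBody());
    }

    /**
     * Masks credential fields of an array before it is written to the log.
     *
     * @param mixed $data
     *
     * @return mixed the input with credential values replaced, non-arrays unchanged
     */
    private function redactForLog($data)
    {
        if (false === is_array($data)) {
            return $data;
        }

        foreach (array('access_token', 'refresh_token', 'client_secret', 'password', 'verificationVal') as $key) {
            if (array_key_exists($key, $data)) {
                $data[$key] = '[redacted]';
            }
        }

        return $data;
    }

    /**
     * @param string $session_state_token
     *
     * @return mixed|null redirect value stored by saveStateData(), null when the entry is gone
     * @throws Zend_Exception
     */
    private function getRedirectFromState($session_state_token)
    {
        /** @var Zend_Cache_Core $cache */
        $cache = Zend_Registry::get('cache');
        $data = $cache->load($session_state_token);

        return (is_array($data) && array_key_exists('redirect', $data)) ? $data['redirect'] : null;
    }

    /**
     * Logs the GitHub user in as the local member that owns the same primary mail address.
     *
     * @return Zend_Auth_Result
     * @throws Exception
     * @throws Zend_Exception when GitHub delivered no usable mail address
     */
    public function authenticate()
    {
        $userEmail = $this->getUserEmail();
        $address = isset($userEmail['email']) ? $userEmail['email'] : null;

        // The local account is selected by mail address alone. An address GitHub has not verified proves
        // nothing about ownership, so it must never be enough to enter an existing account.
        if (false === empty($address) && empty($userEmail['verified'])) {
            Zend_Registry::get('logger')->info(__METHOD__ . ' - authentication error : user=>' . $address
                . ': mail address not verified by github.');

            return $this->createAuthResult(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $address,
                array('Mail address is not verified by the OAuth provider.'));
        }

        $authResult = $this->authenticateUserEmail($address);

        if (false === $authResult->isValid()) {
            Zend_Registry::get('logger')->info(__METHOD__ . "\n" . ' - authentication error : user=>' . $address . ': ' . "\n"
                . ' - messages : ' . implode(",\n", $authResult->getMessages()))
            ;

            return $authResult;
        }

        $this->syncMemberData($userEmail);

        $authModel = new Default_Model_Authorization();
        $authModel->storeAuthSessionDataByIdentity($this->memberData['member_id']);
        $authModel->updateRememberMe(true);
        $authModel->updateUserLastOnline('member_id', $this->memberData['member_id']);

        return $authResult;
    }

    /**
     * Fetches the user's mail addresses from GitHub and returns the primary one.
     *
     * @return array the entry flagged "primary" (this class reads its "email" and "verified" keys),
     *               or an empty array when there is none
     * @throws Zend_Exception on a non-2xx response
     * @throws Zend_Http_Client_Exception
     * @throws Zend_Json_Exception
     */
    public function getUserEmail()
    {
        $httpClient = new Zend_Http_Client(self::URI_EMAIL);
        $httpClient->setHeaders('Authorization', 'token ' . $this->access_token);
        $httpClient->setHeaders('Accept', 'application/json');
        $response = $httpClient->request();

        // The raw request contains the Authorization header, so only the target is logged.
        $logger = Zend_Registry::get('logger');
        $logger->debug(__METHOD__ . ' - last request : GET ' . self::URI_EMAIL);
        $logger->debug(__METHOD__ . ' - response header : ' . $response->getHeadersAsString());
        $logger->debug(__METHOD__ . ' - response : ' . $response->getRawBody());

        if ($response->getStatus() < 200 || $response->getStatus() >= 300) {
            throw new Zend_Exception('error while request user data : ' . $response->getRawBody());
        }

        $data = $this->parseResponse($response);
        if (false === is_array($data)) {
            return array();
        }

        foreach ($data as $element) {
            if (is_array($element) && false === empty($element['primary'])) {
                return $element;
            }
        }

        return array();
    }

    /**
     * Resolves the member that owns the given mail address and reports why a login is refused.
     *
     * @param string $userEmail
     *
     * @return Zend_Auth_Result
     * @throws Zend_Exception when the address is syntactically invalid
     */
    private function authenticateUserEmail($userEmail)
    {
        $validator = new Zend_Validate_EmailAddress();
        if (false === $validator->isValid($userEmail)) {
            throw new Zend_Exception('no valid email address from github given.');
        }

        $resultSet = $this->fetchUserByEmail($userEmail);

        if (count($resultSet) == 0) {
            return $this->createAuthResult(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $userEmail,
                array('A record with the supplied identity could not be found.'));
        }

        if (count($resultSet) > 1) {
            return $this->createAuthResult(Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS, $userEmail,
                array('More than one record matches the supplied identity.'));
        }

        if (empty($resultSet[0]['email_checked'])) {
            return $this->createAuthResult(Local_Auth_Result::MAIL_ADDRESS_NOT_VALIDATED, $resultSet[0]['member_id'],
                array('Mail address not validated.'));
        }

        if ($resultSet[0]['is_active'] == 0) {
            return $this->createAuthResult(Local_Auth_Result::ACCOUNT_INACTIVE, $userEmail,
                array('User account is inactive.'));
        }

        $this->memberData = array_shift($resultSet);
        // The row comes from "SELECT m.*" and may hold credential columns; log the id only.
        Zend_Registry::get('logger')->debug(__METHOD__ . ' - this->memberData: member_id=' . $this->memberData['member_id']);

        if ($this->memberData['is_deleted'] == 1) {
            return $this->createAuthResult(Zend_Auth_Result::FAILURE, $userEmail, array('User is deleted.'));
        }

        return $this->createAuthResult(Zend_Auth_Result::SUCCESS, $userEmail, array('Authentication successful.'));
    }

    /**
     * Loads the non-deleted members whose primary mail address equals the given one (case-insensitive,
     * including the "_double" suffixed variant). The address is passed as a bound parameter.
     *
     * @param string $userEmail
     *
     * @return array
     * @throws Zend_Exception
     */
    private function fetchUserByEmail($userEmail)
    {
        $sql = "
            SELECT `m`.*, `member_email`.`email_verification_value`, `member_email`.`email_checked`, `mei`.`external_id`
            FROM `member` AS `m`
            JOIN `member_email` ON `m`.`member_id` = `member_email`.`email_member_id`
            LEFT JOIN `member_external_id` AS `mei` ON `mei`.`member_id` = `m`.`member_id`
            WHERE
              `m`.`is_deleted` = 0
            AND
              `member_email`.`email_deleted` = 0
            AND
              `member_email`.`email_primary` = 1
            AND
            ( LOWER(`member_email`.`email_address`) = LOWER(:mail) OR LOWER(`member_email`.`email_address`) = CONCAT(LOWER(:mail),'_double') )";

        $profiler = $this->_db->getProfiler();
        $profiler->setEnabled(true);
        $resultSet = $this->_db->fetchAll($sql, array(
            'mail' => $userEmail
        ));
        Zend_Registry::get('logger')->info(__METHOD__ . ' - seconds: ' . $profiler->getLastQueryProfile()->getElapsedSecs());
        $profiler->setEnabled(false);

        return $resultSet;
    }

    /**
     * @param int    $code
     * @param string $identity
     * @param array  $messages
     *
     * @return Zend_Auth_Result
     */
    protected function createAuthResult($code, $identity, $messages)
    {
        return new Zend_Auth_Result($code, $identity, $messages);
    }

    /**
     * Copies GitHub login, id and mail verification state onto the member record when they differ.
     *
     * @param array $userEmail primary mail entry as returned by getUserEmail()
     *
     * @return bool true when the member record was changed and saved
     * @throws Zend_Exception
     * @throws Zend_Http_Client_Exception
     * @throws Zend_Json_Exception
     */
    private function syncMemberData($userEmail)
    {
        if (empty($this->memberData)) {
            return false;
        }

        $modelMember = new Default_Model_Member();
        $member = $modelMember->fetchMemberData($this->memberData['member_id'], false);

        $userInfo = $this->getUserInfo();

        // The original wrote "$updated = $updated && true", which can never become true,
        // so detected changes were silently dropped instead of saved.
        $updated = false;

        if ($member->social_username != $userInfo['login']) {
            $member->social_username = $userInfo['login'];
            $updated = true;
        }
        if ($member->social_user_id != $userInfo['id']) {
            $member->social_user_id = $userInfo['id'];
            $updated = true;
        }
        if ($member->link_github != $userInfo['login']) {
            $member->link_github = $userInfo['login'];
            $updated = true;
        }
        $verified = empty($userEmail['verified']) ? 0 : 1;
        if ($member->mail_checked != $verified) {
            $member->mail_checked = $verified;
            $updated = true;
        }

        if ($updated) {
            try {
                $member->save();
            } catch (Exception $e) {
                // Profile sync is secondary to the login itself; report the failure without aborting it.
                Zend_Registry::get('logger')->err(__METHOD__ . ' - ' . $e->getMessage());
                $updated = false;
            }
        }

        if ($member->is_active == Default_Model_Member::MEMBER_INACTIVE) {
            $modelMember->setActive($member->member_id, $userEmail['email']);
        }

        return $updated;
    }

    /**
     * Fetches the GitHub profile of the token owner.
     *
     * @return mixed decoded profile (this class reads login, id, name and avatar_url)
     * @throws Zend_Exception when the status code is above 200
     * @throws Zend_Http_Client_Exception
     * @throws Zend_Json_Exception
     */
    public function getUserInfo()
    {
        $httpClient = new Zend_Http_Client(self::URI_USER);
        $httpClient->setHeaders('Authorization', 'token ' . $this->access_token);
        $httpClient->setHeaders('Accept', 'application/json');
        $response = $httpClient->request();

        // The raw request contains the Authorization header, so only the target is logged.
        $logger = Zend_Registry::get('logger');
        $logger->debug(__METHOD__ . ' - last request: GET ' . self::URI_USER);
        $logger->debug(__METHOD__ . ' - response from post request' . PHP_EOL . $response->getHeadersAsString());

        $data = $this->parseResponse($response);
        $logger->debug(__METHOD__ . ' - response from post request' . PHP_EOL . print_r($this->redactForLog($data), true));
        if ($response->getStatus() > 200) {
            throw new Zend_Exception('error while request users data');
        }

        return $data;
    }

    /**
     * @param string $email
     *
     * @return bool|Zend_Db_Table_Row_Abstract false when no active member owns the address
     */
    public function findActiveMemberByEmail($email)
    {
        $modelMember = new Default_Model_Member();
        $member = $modelMember->findActiveMemberByIdentity($email);

        return empty($member->member_id) ? false : $member;
    }

    /**
     * Creates a local member from the GitHub profile, announces it to the connected subsystems
     * and opens a session for it.
     *
     * @return Zend_Auth_Result
     * @throws Exception
     * @throws Zend_Exception
     */
    public function registerLocal()
    {
        $userInfo = $this->getUserInfo();
        $usermail = $this->getUserEmail();

        if (false === is_array($userInfo) || empty($userInfo['login']) || empty($usermail['email'])) {
            Zend_Registry::get('logger')->err(__METHOD__ . ' - github profile without login or primary mail address.');

            return $this->createAuthResult(Zend_Auth_Result::FAILURE, null,
                array('A user with given data could not registered.'));
        }

        $userInfo['email'] = $usermail['email'];
        $userInfo['verified'] = empty($usermail['verified']) ? 0 : 1;

        $loginLower = strtolower($userInfo['login']);
        $avatarUrl = isset($userInfo['avatar_url']) ? $userInfo['avatar_url'] : '';

        $newUserValues = array(
            'username'          => $loginLower,
            'password'          => $this->generateNewPassword(),
            'lastname'          => isset($userInfo['name']) ? $userInfo['name'] : null,
            'mail'              => $userInfo['email'],
            'roleId'            => Default_Model_DbTable_Member::ROLE_ID_DEFAULT,
            'is_active'         => 1,
            'mail_checked'      => $userInfo['verified'],
            'agb'               => 1,
            'login_method'      => Default_Model_Member::MEMBER_LOGIN_LOCAL,
            'profile_img_src'   => 'local',
            'profile_image_url' => $avatarUrl,
            'avatar'            => basename($avatarUrl),
            'social_username'   => $userInfo['login'],
            'social_user_id'    => isset($userInfo['id']) ? $userInfo['id'] : null,
            'link_github'       => $userInfo['login'],
            'created_at'        => new Zend_Db_Expr('Now()'),
            'changed_at'        => new Zend_Db_Expr('Now()'),
            'uuid'              => Local_Tools_UUID::generateUUID(),
            'verificationVal'   => $this->generateVerificationValue($userInfo)
        );

        // The record holds the generated password and the verification value; both are masked in the log.
        Zend_Registry::get('logger')->debug(__METHOD__ . ' - new user data: '
            . print_r($this->redactForLog($newUserValues), true));

        $modelMember = new Default_Model_Member();
        $result = $modelMember->findUsername($loginLower);
        $flagUsernameChanged = false;
        if (count($result) > 0) {
            $newUserValues['username'] = $modelMember->generateUniqueUsername($loginLower);
            $flagUsernameChanged = true;
            Zend_Registry::get('logger')->info(__METHOD__ . ' - username already in use. new generated username: '
                . $newUserValues['username'])
            ;
        }
        $member = $modelMember->createNewUser($newUserValues);

        if (empty($member)) {
            // $member is empty on this path, so the identity is taken from the submitted values.
            return $this->createAuthResult(Zend_Auth_Result::FAILURE, $newUserValues['mail'],
                array('A user with given data could not registered.'));
        }

        // Send user to subsystems; a failing subsystem is logged and must not abort the registration.
        try {
            $id_server = new Default_Model_Ocs_OAuth();
            $id_server->createUser($member['member_id']);
        } catch (Exception $e) {
            Zend_Registry::get('logger')->err($e->getMessage() . PHP_EOL . $e->getTraceAsString());
        }
        try {
            $ldap_server = new Default_Model_Ocs_Ldap();
            $ldap_server->createUser($member['member_id']);
            Zend_Registry::get('logger')->debug(__METHOD__ . ' - ldap : ' . implode(PHP_EOL . " - ", $ldap_server->getMessages()));
        } catch (Exception $e) {
            Zend_Registry::get('logger')->err($e->getMessage() . PHP_EOL . $e->getTraceAsString());
        }
        try {
            $openCode = new Default_Model_Ocs_Gitlab();
            $openCode->createUser($member['member_id']);
            Zend_Registry::get('logger')->debug(__METHOD__ . ' - opencode : ' . implode(PHP_EOL . " - ", $openCode->getMessages()));
        } catch (Exception $e) {
            Zend_Registry::get('logger')->err($e->getMessage() . PHP_EOL . $e->getTraceAsString());
        }

        Default_Model_ActivityLog::logActivity($member['main_project_id'], null, $member['member_id'],
            Default_Model_ActivityLog::MEMBER_JOINED, array());

        $authModel = new Default_Model_Authorization();
        $authModel->storeAuthSessionDataByIdentity($member['member_id']);
        $authModel->updateRememberMe(true);
        $authModel->updateUserLastOnline('member_id', $member['member_id']);
        if ($flagUsernameChanged) {
            // NOTE(review): this branch returns the whole profile array as identity while the other one
            // returns the mail address; kept as is because callers may read the array - confirm.
            return $this->createAuthResult(Zend_Auth_Result::SUCCESS, $userInfo,
                array('Authentication successful but username was changed.'));
        }

        return $this->createAuthResult(Zend_Auth_Result::SUCCESS, $member['mail'], array('Authentication successful.'));
    }

    /**
     * Produces the mail verification value for a new member.
     *
     * The former value, md5(id . login . time()), is built from public profile data and the current
     * second and can therefore be guessed. Where random_bytes() exists a 32 character random hex string
     * of the same shape is used instead; older runtimes keep the former value.
     *
     * @param array $userInfo
     *
     * @return string 32 hexadecimal characters
     */
    private function generateVerificationValue(array $userInfo)
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }

        $id = isset($userInfo['id']) ? $userInfo['id'] : '';

        return md5($id . $userInfo['login'] . time());
    }

    /**
     * @return string
     */
    protected function generateNewPassword()
    {
        // NOTE(review): the strength of this password depends on how PWGen draws its randomness; verify.
        include_once('PWGen.php');
        $pwgen = new PWGen();

        return $pwgen->generate();
    }

    /**
     * @return bool true after authFinish() obtained an access token
     */
    public function isConnected()
    {
        return (boolean)$this->connected;
    }

    /**
     * Persists the access token for the member of the current session.
     *
     * NOTE(review): the token is handed to the table model as received; whether it is encrypted at rest
     * is decided there - confirm.
     *
     * @param string      $access_token
     * @param null|string $username
     *
     * @return mixed
     * @throws Exception when no member is logged in
     */
    public function storeAccessToken($access_token, $username = null)
    {
        $identity = Zend_Auth::getInstance()->getIdentity();
        if (empty($identity) || empty($identity->member_id)) {
            // Without this guard the token would be stored with an empty owner.
            throw new Exception('No authenticated member to store the access token for.');
        }

        $modelToken = new Default_Model_DbTable_MemberToken();

        return $modelToken->save(array(
            'token_member_id'         => $identity->member_id,
            'token_provider_name'     => 'github_login',
            'token_value'             => $access_token,
            'token_provider_username' => $username
        ));
    }

    /**
     * @return string GitHub login, empty string when the profile has none
     * @throws Zend_Exception
     * @throws Zend_Http_Client_Exception
     * @throws Zend_Json_Exception
     */
    public function requestUsername()
    {
        $userinfo = $this->getUserInfo();

        return (is_array($userinfo) && array_key_exists('login', $userinfo)) ? $userinfo['login'] : '';
    }

    /**
     * Returns the decrypted redirect target once and forgets it.
     *
     * NOTE(review): the value travels through the cache under the state token; callers should still check
     * that the decrypted URL points to this site before redirecting to it.
     *
     * @return bool|mixed false when no redirect is pending
     */
    public function getRedirect()
    {
        if (false == $this->redirect) {
            return false;
        }

        $filterRedirect = new Local_Filter_Url_Decrypt();
        $redirect = $filterRedirect->filter($this->redirect);
        $this->redirect = null;

        return $redirect;
    }

    /**
     * Builds the authorize URL for a state token that was created elsewhere.
     *
     * @param string $token_id
     *
     * @return string
     * @throws Zend_Exception
     */
    public function authStartWithToken($token_id)
    {
        $requestUrl = $this->buildAuthorizeUrl($token_id);

        Zend_Registry::get('logger')->debug(__METHOD__ . ' - redirectUrl: ' . $requestUrl);
        Zend_Registry::get('logger')->debug(__METHOD__ . '(' . __LINE__ . ') - ' . PHP_EOL
            . 'HOST        :: ' . $this->serverValue('HTTP_HOST') . PHP_EOL
            . 'USER_AGENT  :: ' . $this->serverValue('HTTP_USER_AGENT') . PHP_EOL
            . 'REQUEST_URI :: ' . $this->serverValue('REQUEST_URI') . PHP_EOL
            . 'FORWARDED_IP:: ' . $this->serverValue('HTTP_X_FORWARDED_FOR') . PHP_EOL
            . 'REMOTE_ADDR :: ' . $this->serverValue('REMOTE_ADDR') . PHP_EOL
            . 'ENVIRONMENT :: ' . APPLICATION_ENV . PHP_EOL
        );

        return $requestUrl;
    }

    /**
     * Reads a $_SERVER entry for diagnostics. Several of these values are client supplied
     * (Host, User-Agent, X-Forwarded-For) and must not be trusted when reading the log.
     *
     * @param string $key
     *
     * @return string the value, or "undefined" when the entry is missing
     */
    private function serverValue($key)
    {
        return isset($_SERVER[$key]) ? $_SERVER[$key] : 'undefined';
    }

    /**
     * Removes a state entry from the cache.
     *
     * @param string $token
     *
     * @return bool
     * @throws Zend_Exception
     */
    protected function clearStateToken($token)
    {
        /** @var Zend_Cache_Core $cache */
        $cache = Zend_Registry::get('cache');

        return $cache->remove($token);
    }

    /**
     * Loads the non-deleted rows of the configured table that carry the given username.
     *
     * @param string $userEmail value compared against the username column
     *
     * @return array
     * @throws Zend_Exception when no table name was configured
     */
    private function fetchUserByUsername($userEmail)
    {
        if (empty($this->_tableName)) {
            throw new Zend_Exception('No table name present');
        }

        // Identifiers cannot be bound as parameters; quote the table name instead of interpolating it raw.
        $table = $this->_db->quoteIdentifier($this->_tableName);

        $sql = "
            SELECT *
            FROM {$table}
            WHERE
            is_deleted = :deleted AND
            username = :username";

        $profiler = $this->_db->getProfiler();
        $profiler->setEnabled(true);
        $resultSet = $this->_db->fetchAll($sql, array(
            'deleted'  => Default_Model_DbTable_Member::MEMBER_NOT_DELETED,
            'username' => $userEmail
        ));
        Zend_Registry::get('logger')->info(__METHOD__ . ' - seconds: ' . $profiler->getLastQueryProfile()->getElapsedSecs());
        $profiler->setEnabled(false);

        return $resultSet;
    }

}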